CA/CertificatePolicyV2.2

From MozillaWiki
< CA
Revision as of 20:55, 2 May 2013 by Kathleen Wilson (talk | contribs) (Created page with "= About Mozilla's CA Certificate Policy Version 2.2 = == Purpose of this update == There are two primary drivers of this particular update to [http://www.mozilla.org/project...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

About Mozilla's CA Certificate Policy Version 2.2

Purpose of this update

There are two primary drivers of this particular update to Mozilla's CA Certificate Policy:

  1. Make sure CAs are prepared to monitor and handle the introduction of new gTLDs by ICANN. This will be accomplished by requiring version 1.1.3 of the Baseline Requirements. Further details may be found in the mozilla.dev.security.policy forum.
  2. Update the Enforcement section to emphasize that knowing or intentional mis-issuance of a certificate will have serious ramifications.

Time Frames for included CAs to comply with version 2.2 of the policy

Version 2.2 of Mozilla's CA Certificate Policy was published on <date>, 2013.

Certificates issued before <date>, 2013, must at least meet the requirements of Version 2.0 of Mozilla's CA Certificate Policy and be transitioning to compliance with Version 2.1 of Mozilla's CA Certificate Policy.

Any Certificate Authority being considered for root inclusion after <date> must comply with Version 2.2 of Mozilla's CA Certificate Policy.

CAs that were already included in Mozilla's program as of <date>, 2013 will have transition time frames (see below) for them to make the necessary changes in order to comply with the new requirements in Version 2.2 of Mozilla's CA Certificate Policy.

Version 1.1.3 of the Baseline Requirements

Knowing or Intentional Mis-issuance of Certificates

Retrieved from "https://wiki.mozilla.org/index.php?title=CA/CertificatePolicyV2.2&oldid=651743"